Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Communications Government Privacy United States

French, German Leaders: Keep European Email Off US Servers 115

Posted by timothy
from the at-least-those-countries-don't-spy dept.
jfruh writes "In her weekly podcast, German Chancellor Angela Merkel said she'd be discussing European email security with French President Francois Hollande. Specifically, in the wake of the NSA spying revelations, the two leaders will try to keep European email off of American servers altogether to avoid snooping. This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."
This discussion has been archived. No new comments can be posted.

French, German Leaders: Keep European Email Off US Servers

Comments Filter:
  • You, uh... Know... (Score:5, Informative)

    by Greyfox (87712) on Tuesday February 18, 2014 @08:50AM (#46274923) Homepage Journal
    That won't avoid snooping, right?

    You COULD mandate end-to-end encryption if you were really that worried about it. That probably also wouldn't avoid snooping, but it'd make it a bit more difficult. We should probably also move away from using the browser as a mail client. But you're not really worried about snooping, are you? You're just worried about US snooping.

    • by Trepidity (597)

      Well yeah, Merkel isn't really worried about the German police reading email. If she were, she could do something about that problem more easily...

      However I think in addition to being worried about US snooping, this is also a convenient opportunity for promoting local technology firms. If a bunch of people move from Gmail to European email providers, that's good for the European tech industry regardless of whether it actually hampers spying.

      • by turgid (580780) on Tuesday February 18, 2014 @09:02AM (#46275017) Journal

        this is also a convenient opportunity for promoting local technology firms

        The European Internet brought to you by SAP AG [sap.com]?

        • That might be more like it. They want to pull a China and encourage their own knockoffs of Google, Amazon, eBay, FacePlant etc.

      • "However I think in addition to being worried about US snooping, this is also a convenient opportunity for promoting local technology firms."

        The thing is, though, they could have done this LONG ago. They could have paied to lay their own cables, and paid to develop their own backbone infrastructure. Instead, they decided to go the cheap route and ride the coattails of the U.S.

        That's all fine, but bitching about it later makes HER look bad, because it was a choice freely made. These options have always been available. They're just making political hay out of the situation, that's all.

        • by Trepidity (597)

          They do actually have the cables and backbone. Despite the weird wording she doesn't seem to be talking about an actual European network, since that already exists: if you ping from Sweden to Italy it goes through Germany, Austria, etc., like you'd expect. The problem is that many of the successful hosted services are in the USA, so while the ping stays within Europe, when you email from Sweden to Italy, it probably hits up Gmail in the USA.

          • "he problem is that many of the successful hosted services are in the USA, so while the ping stays within Europe, when you email from Sweden to Italy, it probably hits up Gmail in the USA."

            That's even less of a real issue! Yes, the companies are American. That's because they were started via American ingenuity, work, and investment. They started here, they got big here.

            If they want to use other services, then they can damned well build their own. They have even less of a moral leg to stand on in that respect! If they don't want to use American companies, then they can fucking well use German companies. Nobody is stopping them.

            • by Trepidity (597)

              If they want to use other services, then they can damned well build their own.

              That seems to be kind of what Angela Merkel is proposing? The whole proposal is: Europe should build their own online services and stop using America's.

              • Yep. And good for them.

                I have absolutely zero problem with the idea. I just don't think bitching about the situation is called for, when the solution to it has been available to them all along. Failure to take advantage of it was nobody's fault but theirs.

                Having said that: sure, it might not be nice for NSA to spy on people, but the UK is approximately as guilty, so there still isn't much room to bitch.
    • That's not what she wants as that again would cripple german law enforcement.

  • Lest anyone forget (Score:5, Insightful)

    by cold fjord (826450) on Tuesday February 18, 2014 @08:53AM (#46274945)

    The German Prism: Berlin Wants to Spy Too [spiegel.de]
    French officials can monitor internet users in real time under new law [theguardian.com]

    And some of the reports of "NSA spying" were in fact NSA being given phone data from European agencies.

    • And while we're on the subject of Merkel | Germany | spying:

      Merkel's cellphone said targeted by 5 countries' spy agencies [upi.com]

      German Chancellor Angela Merkel's cellphone was tapped by at least five foreign intelligence agencies, not just by the United States, a German magazine said.

      Besides the U.S. National Security Agency, Merkel's phone was monitored by the British, Russian, Chinese and North Korean surveillance agencies, weekly news magazine Focus reported, citing an unnamed German security official.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Very much this. Hey, I do agree with cold fjord for once!

      As disgusting as the whole Snowden revelations about NSA are (and as much as I think the whole NSA/Homeland "Security" thing has gotten out of hand and should be put under strict democratic control), the "secret services" this side of the pond (and their apologists) are (mis)using the whole scandal to further their dirty little agendas.

      I won't forget that it was Merkel's party which pushed for horrid data retention laws across the whole of EU. I won't

    • That's a bit of a tu quoque argument. Yes, they were doing it too. No, that doesn't make the US doing it any better and no, that doesn't mean it would be good for her to drop it.

      It's good to keep in mind, lest germany tries to become a tech hub based on the premise that they won't spy like the NSA, but until then, let her help us keep the spotlight on the NSA.
  • Favorite part (Score:4, Interesting)

    by TheCarp (96830) <sjc AT carpanet DOT net> on Tuesday February 18, 2014 @08:56AM (#46274969) Homepage

    > This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."
    > twitter facebook linkedin Share on Google+

    My favorite part of the whole thing is that they are facing criminal complaints for assisting the NSA, all while having also been spied on by the very people they assisted. Hmm a happy satisfied feeling from seeing others get what has been coming to them? I believe the Germans just might have a word for that.

    • by Anonymous Coward

      I believe the Germans just might have a word for that.

      Zeitgeist?
      Poltergeist?
      Fahrvergnuegen?
      Brutosozialprodukt?
      Sauerkraut?

      • by Anonymous Coward

        I think GPP is thinking of whatever the German word is for schadenfreude.

    • by Solandri (704621)
      Well duh. This is all a CYA attempt to cast this as something terribad the U.S. did, and they themselves are completely innocent of any wrongdoing. Just like the U.S. Congress and President have mostly successfully cast this as something terribad the NSA did, and they themselves are completely innocent of any wrongdoing. It's not like they funded, got regular reports on, and used the data collected by the NSA program they created and authorized, right?
    • > This comes as Merkel's government faces criminal complaints for assisting aspects of the NSA's programs."
      > twitter facebook linkedin Share on Google+

      My favorite part of the whole thing is that they are facing criminal complaints for assisting the NSA, all while having also been spied on by the very people they assisted. Hmm a happy satisfied feeling from seeing others get what has been coming to them? I believe the Germans just might have a word for that.

      Negativhandlungsreziprozitätsbeobachtungsfröhlichkeitszufriedenheitsgefühl? ;-)

  • by Adult film producer (866485) <van@i2pmail.org> on Tuesday February 18, 2014 @09:14AM (#46275119)
    you're not gonna stop us from reading or listening to any of your conversations. We're the proud, the strong, and we own all of your communications :)
  • by Anonymous Coward

    -- edited by NSA -- I think the US is a wonderfull place to live in full of freedom and democracy. I think all other countries are plotting terrorist attacks and they will fail.

  • by nam37 (517083)
    ...none of the EU countries monitor communications, right? This is completely an example of misdirection. "Look over there!!! Bad NSA!!! Bad US spy agencies!!"
  • As a Canadian (Score:4, Interesting)

    by denisbergeron (197036) <{moc.oohay} {ta} {noregreBsineD}> on Tuesday February 18, 2014 @10:02AM (#46275471)

    It's even a law in Canada to prohibe company with data on canadians people to avoid any storage/transport of these data using any IT infrastrure in the USA.

    • Re: (Score:3, Interesting)

      Privacy laws in Canada do not prohibit transferring personal data to US. It's a common misconception.
      • Re:As a Canadian (Score:4, Interesting)

        by denisbergeron (197036) <{moc.oohay} {ta} {noregreBsineD}> on Tuesday February 18, 2014 @10:46AM (#46275839)

        The fact is that the privacy law prohibit transferring personnal data outside Canada. Period. And, except from some west reformist, Outside-Canada include the USA.

        • You would be incorrect. [priv.gc.ca]
          The Canadian firm is responsible for ensuring that a breach doesn't happen when the data is in possession of the foreign firm, but it's not illegal to send it there at all.
          Considering the Canadian firm's responsibilities, it can certainly be argued that it's rarely, if ever, a good idea, but it's certainly not illegal.

          • From the link
            Comparable Level of Protection

            "Comparable level of protection" means that the third party processor must provide protection that can be compared to the level of protection the personal information would receive if it had not been transferred. It does not mean that the protections must be the same across the board but it does mean that they should be generally equivalent.

            Of course sending data in the USA can't give comparable level of protection since it's know that the US gouvernement will snoo

    • Re:As a Canadian (Score:5, Interesting)

      by FireFury03 (653718) <slashdot@CHEETAHnexusuk.org minus cat> on Tuesday February 18, 2014 @10:22AM (#46275609) Homepage

      It's even a law in Canada to prohibe company with data on canadians people to avoid any storage/transport of these data using any IT infrastrure in the USA.

      The data protection act has restrictions on exporting data... In my experience pretty much everyone is ignoring those restrictions when it comes to migrating to "cloud" services, and that's not going to stop until people start getting hit by big fines.

      • I think, it's just because proofs are hard to show in these case, until some private info of a canadian will be part of some breach .

        • I think, it's just because proofs are hard to show in these case, until some private info of a canadian will be part of some breach .

          Sorry, I forgot to add "here in the UK" to my previous post. I'm unconvinced that (here) the information commissioner's office even cares, so I'm not expecting any kind of enforcement action soon.

      • by phorm (591458)

        Many places where I have worked strongly avoid using cloud services for company business. In the education industry in particular, they were quite strong on avoiding remote hosting in order to protect student data.
        Some places even go so far as to block Google Drive, dropbox, etc entirely.

        • Many places where I have worked strongly avoid using cloud services for company business. In the education industry in particular, they were quite strong on avoiding remote hosting in order to protect student data.
          Some places even go so far as to block Google Drive, dropbox, etc entirely.

          I work with the education sector and we're increasingly seeing schools moving to cloud services, such as Exchange Online, and even Dropbox and iCloud. No consideration seems to be being made regarding data protection laws, which are almost certainly being broken by using these services (IMHO there's no realistic way to ensure that personal data isn't placed on these services). Also, there seems to be no consideration for the increased load such services place on the internet uplink - suddenly stuff like e

  • Given the latency across the Atlantic, I wouldn't be surprised if all of the major US email providers host the mailboxes of their EU customers in the EU. If so, does that go against Merkel's wishes?
    • by Alioth (221270)

      The latency is only about 150ms. This is simply unnoticable for email, so major US email providers aren't going to have servers in the EU for latency reasons.

      • by jader3rd (2222716)

        The latency is only about 150ms. This is simply unnoticable for email, so major US email providers aren't going to have servers in the EU for latency reasons.

        That would probably be true for classic client server email, but consumers (and by consumers I mean people who don't read Slashdot) expect their email to be a web based client. And for all of the back and forth an interactive web client is going to have with the server, 150ms could be killer.

  • It's not just that the French and German government are going to move to doing business with non-US companies for email. There are many reports [citation needed] of governments and companies throughout the world choosing non-US cloud providers who promise not to have servers in the US. This is showing up on companies earnings reports in reduced overseas sales.

    At first I thought it was silly - all governments want to be able to get their hands on data stored in their domain, so moving from the US just

  • by EmperorOfCanada (1332175) on Tuesday February 18, 2014 @10:51AM (#46275899)
    You mean that if google has a gmail server sitting in Germany that it won't be able to access all the content on that server? What?

    If some NSA/FBI/CIA goon walks into an google/yahoo/whatever office in the US and hands a secret court order for a US citizen to dig through the German server the guy is going to dig through the German server. If anything a google run German based server is actually more legally friendly to the CIA/NSA as now they can be fairly certain they aren't trolling through US-US communications.

    So if the US passed a law tomorrow (that was actually obeyed) that 100% banned any interception of communications of one US citizen with another then setting up European only servers would be something the NSA would want Google to to.

    If Europe is truly serious about defending their privacy they would insist upon audited servers stationed in Europe run by natural born European citizens with single nationality and no family or economic ties outside of their legal reach. Then they would need to make a ferociously punitive fine for any employes, management, or companies that violate these privacy rights with a huge portion of the fines going to any whistleblower.

    Another suggestion I have is for some European company to buy blackberry and make those phones truly and uncompromisingly secure with features such as one time pads.
    • by AHuxley (892839)
      There is no way out for the EU, all their back haul/trunk telco equipment is US/NSA/GCHQ 'ready' by design and has been for generations.
      German staff helped design a telco network to allow one site tapping for all of "West" and now "Germany" knowing all the data was flowing to a few outside countries.
      How does the German gov go to their top telco staff at a gov and private sector as ask them to help the NSA less and look after Germany starting in this decade?
      Too many top telco staff members will honour an
  • Someone could maybe tell Merkel that there is no "German internet" and no "American internet"?

    Saying that you want to "keep emails in Europe" is like sitting in the swimming pool noticing that some piss in the pool so you decide to put a chain across the middle of the pool and declare that in your side only non-peers may swim while those that pee in the water have to stay on the other side.

  • by cheros (223479) on Tuesday February 18, 2014 @12:02PM (#46276799)

    EU Data Protection laws require a company to protect the privacy of the people it receives email from. Now the fallacy of the Safe Harbor agreement has become clear, using US providers means knowingly placing privacy in jeopardy.

    Silicon Valley has a MASSIVE problem on its hands in this context: even if a US company WANTED to protect client information (and let's be honest, lots of them actually do), they are legally not in a position to do so. The biggest problem is that this is a legal issue, and that will take at least a decade to fix...

    • It's a trust issue more than a legal issue. As it turns out American companies were for years under gag orders for certain kinds of government (FISA) data requests. They couldn't even discuss their existence. Under pressure from leaks, now the US government is relaxing [reuters.com] and allowing them to reveal some aggregate data about these previously-secret requests.

      The fact that all this "openness" has only come under duress makes one strongly suspect that the spying will only shift into some new program. The legality

  • by ThatsNotPudding (1045640) on Tuesday February 18, 2014 @01:26PM (#46277997)
    Given that GCHQ is a loyal lapdog of the NSA, you'll have to exclude ole Britannia Servers as well.
    • Given that France (http://www.theguardian.com/world/2013/jul/04/france-electronic-spying-operation-nsa) and Germany (http://www.npr.org/blogs/parallels/2013/06/22/194299389/Privacy-In-Germany) evidently engage in the same sort of data collection as the NSA this all seems more than a bit hypocritical.

      I'm very unhappy with what the NSA is doing and believe that I needs to be stopped/limited but to believe that the U.S. is somehow uniquely guilty here is just naïve.
  • We already have nodes running inside both countries which tap the main lines.

    Illegal? Of course.

    Unconstitutional? Only if, as they are designed to do, they capture American emails too.

    Stupid? Heck, this is America ... does that answer your question?

    • Unconstitutional? Only if, as they are designed to do, they capture American emails too.

      If those nodes are in countries other than the US, the question whether they are unconstitutional is decided by the constitution of the country those nodes are in.

      • Yes, but the US does not recognize other countries constitutions.

        For example, we signed legally binding Data Privacy Treaties with Canada and the EU and we still steal your data.

        QED.

  • by wdhowellsr (530924) on Tuesday February 18, 2014 @07:27PM (#46281425)
    Yes. This is the last one, and if this isn't true and Slashdot.org will permanently resemble a wife married for 28 years with a fifteen year old son and a twelve year old daughter so be it, I spent most of my early life without sex (ie Please tell me the browser cache is screwing with me. Please tell me that my wife wants to have sex more often ( ok that isn't going to happen, I have a 12 and 15 year old) Do we really have Slashdot.org back? Isn't that better than writing a curse word in caps? No. Please tell me this SHIT,SHIT,SHIT,FUCKING,FUCKING,FUCKING,JACKASS,JACKASS,JACKASS beta experiment is dead and buried. Excuse my French.
  • They want their technology back. Honestly, Angela should talk to people who know what they are doing before making such silly statements.

    Yes, Let's put another dead bolt on that front door. Don't worry about the unlocked screen door in back. Nobody sees it. Besides, they certainly wouldn't dare go back there, would they?

    Heh.

"In the face of entropy and nothingness, you kind of have to pretend it's not there if you want to keep writing good code." -- Karl Lehenbauer

Working...